package com.xin.usermanagebackend.controller;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.xin.usermanagebackend.annotation.AuthCheck;
import com.xin.usermanagebackend.common.BaseResponse;
import com.xin.usermanagebackend.common.DeleteRequest;
import com.xin.usermanagebackend.constant.ResultCode;
import com.xin.usermanagebackend.exception.BusinessException;
import com.xin.usermanagebackend.model.dto.user.UserLoginRequest;
import com.xin.usermanagebackend.model.dto.user.UserRegisterRequest;
import com.xin.usermanagebackend.model.dto.user.UserUpdateRequest;
import com.xin.usermanagebackend.model.entity.User;
import com.xin.usermanagebackend.model.vo.UserVo;
import com.xin.usermanagebackend.service.UserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;

import static com.xin.usermanagebackend.constant.UserConstant.ADMIN_ROLE;
import static com.xin.usermanagebackend.constant.UserConstant.USER_LOGIN_STATE;

@RequestMapping("/user")
@RestController
public class UserController {
    @Resource
    private UserService userService;

    /**
     * 用户注册
     *
     * @param userRegisterRequest 封装了用户注册的参数
     * @return 用户id
     */
    @PostMapping("/register")
    public BaseResponse<Long> register(@RequestBody UserRegisterRequest userRegisterRequest) {
        String userAccount = userRegisterRequest.getUserAccount();
        String userPassword = userRegisterRequest.getUserPassword();
        String checkPassword = userRegisterRequest.getCheckPassword();
        //这里的参数校验和service中的参数校验并不冲突，这里只是对参数本身的检验，不涉及业务
        if (StringUtils.isAnyBlank(userAccount, userPassword, checkPassword)) {
            throw new BusinessException();
        }
        long id = userService.userRegister(userAccount, userPassword, checkPassword);
        return new BaseResponse<>(ResultCode.SUCCESS, id, "注册成功");
    }

    /**
     * 用户登录
     *
     * @param userLoginRequest   封装了用户登录的参数
     * @param httpServletRequest 请求
     * @return 脱敏后的用户信息
     */
    @PostMapping("/login")
    public BaseResponse<UserVo> login(@RequestBody UserLoginRequest userLoginRequest, HttpServletRequest httpServletRequest) {
        if (userLoginRequest==null){
            throw new BusinessException(ResultCode.PARAM_ERROR,"请求参数有误");
        }
        String userAccount = userLoginRequest.getUserAccount();
        String userPassword = userLoginRequest.getUserPassword();
        if (StringUtils.isAnyBlank(userAccount, userPassword)) {
            throw new BusinessException(ResultCode.PARAM_ERROR, "请求参数有误");
        }
        UserVo userVo = userService.userLonin(userAccount, userPassword, httpServletRequest);
        return new BaseResponse<>(ResultCode.SUCCESS, userVo, "用户登录成功");
    }

    /**
     * 用户注销
     *
     * @param httpServletRequest
     * @return 目前是Integer 无意义
     */
    @PostMapping("/logout")
    public BaseResponse<Integer> logout(HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new BusinessException(ResultCode.SYSTEM_ERROR, "拿不到请求");
        }
        Integer res = userService.userLogout(httpServletRequest);
        return new BaseResponse<>(ResultCode.SUCCESS, res, "注销成功");
    }

    /**
     * 根据用户名查询用户
     * 管理员权限
     *
     * @param username 用户名
     * @return 用户
     */
    @AuthCheck(mustoRole = "admin")
    @GetMapping("/search")
    public BaseResponse<List> search(String username) {
        QueryWrapper<User> userQueryWrapper = new QueryWrapper<>();
        userQueryWrapper.like("username", username);
        List<User> userList = userService.list(userQueryWrapper);
        return new BaseResponse<>(ResultCode.SUCCESS, userList, "根据用户名查询成功");
    }

    /**
     * 根据id删除用户
     * 管理员权限
     *
     * @param deleteRequest
     * @return
     */
    @AuthCheck(mustoRole = "admin")
    @PostMapping("/delete")
    public BaseResponse<Boolean> delete(@RequestBody DeleteRequest deleteRequest) {
        long id = deleteRequest.getId();
        if (id <= 0) {
            throw new BusinessException(ResultCode.PARAM_ERROR, "id有误");
        }
        boolean res = userService.removeById(id);
        return new BaseResponse<>(ResultCode.SUCCESS, res, "根据id删除用户成功");
    }

    /**
     * 用户修改个人信息
     * @return
     */
    @PostMapping("/update")
    @AuthCheck(mustoRole = "user")
    public BaseResponse<Integer> update(@RequestBody UserUpdateRequest userUpdateRequest, HttpServletRequest request){
        //管理员可修改 or  自己可以修改自己的信息
        if (userUpdateRequest==null){
            throw new BusinessException(ResultCode.PARAM_ERROR,"参数为null");
        }
        Integer res = userService.update(userUpdateRequest);
        return new BaseResponse<>(ResultCode.SUCCESS,res,"修改用户信息成功");

    }

    /**
     * 根据标签搜索用户
     * @param tags
     * @return
     */
    @GetMapping("/searchuserbytags")
    public BaseResponse<List> searchUserByANDTags(List<String> tags){
        if (tags==null){
            throw new BusinessException(ResultCode.PARAM_ERROR,"参数为null");
        }
        List<UserVo> userList = userService.searchUserByTags(tags);
        return new BaseResponse<>(ResultCode.SUCCESS,userList,"根据标签获取用户列表成功");
    }

    /**
     * 判断是否是管理员
     * 暂时不使用了，使用spring aop来进行权限校验
     *
     * @param httpServletRequest 请求
     * @return 是否是管理员 true是
     */
    @Deprecated
    private boolean isAdmin(HttpServletRequest httpServletRequest) {
        Object userObj = httpServletRequest.getSession().getAttribute(USER_LOGIN_STATE);
        User user = (User) userObj;
        return user != null && user.getUserStatus() == ADMIN_ROLE;
    }
}
